Certificate validity checking

Certificate validity technology, applied in the field of certificate validity checking, can solve problems such as unauthorized terminal devices being inserted into the local network, failure to obtain public keys, and effects on the validity of certificates, achieving the effect of preventing the certificate from being disabled sooner.

Inactive Publication Date: 2007-08-09
THOMSON LICENSING SA

AI Technical Summary

Benefits of technology

[0065] Other aspects and advantages of the invention will be apparent from the following description and the appended claims.

Problems solved by technology

However, a hacker could perhaps succeed in obtaining the public key and insert unauthorized terminal devices into the local network.
However, if a hacker succeeds in accessing a protected content, the certificate may be disabled sooner than expected: a new CRL is generated, the new CRL comprising an identifier of the disabled certificate.

Examples

First embodiment

[0093] FIG. 7 illustrates an example of a method for checking a validity of a certificate according to the present invention. The certificate is associated to a network device in a network.

[0094] An encrypted content is received at the network. An encrypted validity index associated to the encrypted content is received at the network (box 71). The received validity index is decrypted at decrypting means of the network (box 72).

[0095] Alternatively, the validity index VI is integrity protected such that a hacker cannot alter a value of the validity index VI without visible consequences. For example, an index signature is associated to the validity index, the index signature having a value that is computed from a value of the validity index and from a secret key stored at a secure device of the network. The secure device, e.g. a content receiver, comprises checking means, e.g. a portable security module, allowing to check an integrity of the validity index from the index signature. Th...

Second embodiment

[0100] FIG. 8 illustrates an example of a method for checking a validity of a certificate according to the present invention.

[0101] The certificate comprises a time index TI that has a value corresponding to a time of issue of the certificate, e.g. a date of a manufacturing of a hardware support of the certificate. The time index TI is read (box 81).

[0102] A validity interval I is derived from the read value of the time index TI (box 82).

[0103] The time index TI may be contained in an encrypted form within the certificate. In this latter case (not represented), the time index TI is decrypted before the deriving of the validity interval I.

[0104] When an encrypted content and an associated validity index VI are received at the network (box 83), the validity of the certificate is evaluated: the certificate is evaluated as valid if the received validity index VI belongs to the time interval I (box 86). If the received validity index VI is outside the time interval I, the certificate i...

Third embodiment

[0108] FIG. 9 illustrates an example of a method for checking a validity of a certificate according to the present invention. The certificate is associated to a network device of a network.

[0109] An encrypted content and an associated validity index VI are received at a network (box 91). The received validity index is used to update a comparison index CI (box 92). The comparison index is stored within a determined network device of the network, e.g. the network device to which the certificate is associated.

[0110] The updated comparison index is compared to a time index TI contained within the certificate (box 93). The time index has a value that corresponds to a time of issue of the certificate. The validity of the certificate is thus evaluated from the time index TI and from the validity index VI, the validity index VI only allowing to update a comparison index CI.

[0111] The certificate is evaluated as invalid if the time index TI is smaller than the updated comparison index (box ...
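The integrity-protected validity index of paragraph [0095] combined with the comparison-index check of the third embodiment, as an added example that is not code from the patent. Assumptions: the index signature is modelled as HMAC-SHA256, indices are integers, the comparison index CI is updated as max(CI, VI), and the names CertificateChecker, index_signature and demo are hypothetical.

```python
import hashlib
import hmac

# Assumption: the "index signature" is modelled as HMAC-SHA256 over the
# 8-byte big-endian validity index; the page does not name an algorithm.
def index_signature(secret_key: bytes, vi: int) -> bytes:
    return hmac.new(secret_key, vi.to_bytes(8, "big"), hashlib.sha256).digest()


class CertificateChecker:
    """Hypothetical device-side checker holding the comparison index CI."""

    def __init__(self, secret_key: bytes, comparison_index: int = 0):
        self._key = secret_key
        self.ci = comparison_index  # stored within the network device

    def receive(self, vi: int, signature: bytes) -> bool:
        """Process a validity index received with encrypted content.

        Returns False and leaves CI untouched if the integrity check fails.
        """
        expected = index_signature(self._key, vi)
        if not hmac.compare_digest(expected, signature):
            return False
        # Assumption: CI only moves forward, so older content replayed with
        # a smaller VI cannot roll the comparison index back.
        self.ci = max(self.ci, vi)
        return True

    def certificate_valid(self, time_index: int) -> bool:
        # Page rule: invalid if the time index TI is smaller than the updated CI.
        return not (time_index < self.ci)


def demo() -> list:
    key = b"constructed-demo-key"   # constructed sample secret
    dev = CertificateChecker(key)
    ti_old, ti_new = 5, 9           # constructed certificate time indices
    results = []
    dev.receive(7, index_signature(key, 7))   # genuine VI = 7
    results.append((dev.certificate_valid(ti_old), dev.certificate_valid(ti_new)))
    dev.receive(3, index_signature(key, 3))   # older VI seen again
    results.append(dev.ci)
    results.append(dev.receive(0, index_signature(b"wrong", 0)))  # bad signature
    return results


if __name__ == "__main__":
    print(demo())
```
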


Abstract

A method for checking a validity of a certificate containing a key associated to a network device in a network, comprises receiving at the network an encrypted content and a validity index associated to the content. The validity of the certificate is evaluated from a time index contained within the certificate, the time index having a value corresponding to a time of issue of the certificate, and from the validity index associated to the encrypted content.

Description

BACKGROUND OF INVENTION

[0001] 1. Field of the Invention

[0002] The invention relates generally to the field of secure communication networks.

[0003] 2. Background Art

[0004] Data exchanged through a network may be copied. Hardware manufacturers hence need to protect the exchanged data and to manage permissions or prohibitions to copy the data. Typically, a Public Key Infrastructure (PKI) is provided: a trusted third party, e.g. a certifying authority, generates private / public keys pairs. The private / public keys pairs are involved in data exchanges between network devices of the network.

[0005] The trusted third party signs certificates that contain the public key of the private / public keys pair. Typically, each network device of the network is associated to a determined certificate. The determined certificate may for example be stored within a portable security module of the associated network device. The certificates allow to insure that the data is exchanged between network devic...

Application Information

Patent Type & Authority: Applications (United States)
IPC(8): H04L9/00, G06F21/00, H04N7/167
CPC: H04L63/045, H04L63/065, H04L63/0823, H04L2209/60, H04N21/26606, H04N21/4405, H04L9/3268, H04L2463/062, H04L9/30, H04N21/25, G06F1/00, H04N21/2347
Inventor: DURAND, ALAIN
Owner: THOMSON LICENSING SA